Open source authorization: embed or look for alternatives? Comparing Casbin and SpiceDB

Casbin is an open-source access control library that integrates directly into an application, allowing developers to embed customizable access control models like RBAC (Role-Based Access Control), ABAC (Attribute-Based Access Control), and ACLs (Access Control Lists) directly into the codebase. SpiceDB is an open source, centralized permissions system that externalizes authorization decisions from the application codebase. Both systems have their pros and cons, with Casbin offering more flexibility and control but potentially higher complexity as the system scales, while SpiceDB provides a more streamlined approach to managing permissions across distributed environments, with built-in tools for correctness, auditing, and performance. The choice between embedding an authorization library or adopting an externalized, centralized system will depend on the specific needs of the project and its growth potential.